Tagged VLAN2 for 2nd WLAN does not receive DHCP IP

opnw · October 14, 2025, 3:30pm

Hi folks

OpenWrt with default LAN (VLAN1) on "WLAN1" works fine.

The aim is, to get a 2nd WLAN2 with a tagged VLAN2 on OpenWrt. Nearby everything works fine, VLAN2 Interface (br-lan.2) gets DHCP IP from tagged VLAN2, but at the end, WLAN2 devices could not connect, don't get DHCP IPs. Tested with 2 diff. setups, OpnSense Router/Firewall with VLAN2, diff. Switches tested, mang. Ubiquiti, mang. Netgear, Firewall <-> Port trunk, tagged VLAN2, and VLAN2 "Port 4" tagged, later 3th WLAN3 with tagged VLAN3 should be added too.

OpenWrt devices tested: TP-Link Archer C6 v3 with OpenWrt 24.10.3 (also tested 22.03.7, 23.05.6), also TL-WR1043N ND v3 with OpenWrt 24.10.3 tested.

WLAN Clients:

Android smartphones: WLAN2 no IP from DHCP
PC clients, MX Linux, Win11: WLAN2 no IP from DHCP

Any idea, how to solve, to get WLAN2 DHCP IPs from tagged VLAN2? and later 3th interface WLAN3 with VLAN3?

brada4 · October 14, 2025, 3:59pm

If you have sufficiently old device vlan2 would be pre-assigned to WAN

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:

Remember to redact passwords, VPN keys, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall

opnw · October 14, 2025, 10:19pm

Thank you for help.

root@ArcherC6v3 OpenWrt 24.10.3 VLAN2 WLAN2 DHCP ignore, firewall off, WAN deleted.txt

root@ArcherC6v3:~# ubus call system board
{
	"kernel": "6.6.104",
	"hostname": "ArcherC6v3",
	"system": "MediaTek MT7621 ver:1 eco:3",
	"model": "TP-Link Archer C6 v3",
	"board_name": "tplink,archer-c6-v3",
	"rootfs_type": "squashfs",
	"release": {
		"distribution": "OpenWrt",
		"version": "24.10.3",
		"revision": "r28872-daca7c049b",
		"target": "ramips/mt7621",
		"description": "OpenWrt 24.10.3 r28872-daca7c049b",
		"builddate": "1758316778"
	}
}

Sorry, quoting seems to be limited, could not quote more than some bytes, always truncated, so here the rest w-out quote:

root@ArcherC6v3:~# cat /etc/config/network

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd39:9340:1f77::/48'
	option packet_steering '1'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'lan1'
	list ports 'lan2'
	list ports 'lan3'
	list ports 'lan4'

config interface 'lan'
	option device 'br-lan'
	option proto 'dhcp'

config device
	option type '8021q'
	option ifname 'br-lan'
	option vid '2'
	option name 'br-lan.2'

config interface 'VLAN2'
	option proto 'dhcp'
	option device 'br-lan.2'

root@ArcherC6v3:~# cat /etc/config/wireless

config wifi-device 'radio0'
	option type 'mac80211'
	option path '1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0'
	option band '2g'
	option channel '1'
	option htmode 'HT20'
	option cell_density '0'

config wifi-device 'radio1'
	option type 'mac80211'
	option path '1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0'
	option band '5g'
	option channel '36'
	option htmode 'VHT80'
	option disabled '1'

config wifi-iface 'wifinet0'
	option device 'radio0'
	option mode 'ap'
	option ssid 'WLAN2'
	option encryption 'none'
	option network 'VLAN2'

root@ArcherC6v3:~# cat /etc/config/dhcp

config dnsmasq
	option domainneeded '1'
	option boguspriv '1'
	option filterwin2k '0'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option nonegcache '0'
	option cachesize '1000'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
	option nonwildcard '1'
	option localservice '1'
	option ednspacket_max '1232'
	option filter_aaaa '0'
	option filter_a '0'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option dhcpv4 'server'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

config dhcp 'VLAN2'
	option interface 'VLAN2'
	option ignore '1'

root@ArcherC6v3:~# cat /etc/config/firewall

config defaults
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'

root@ArcherC6v3:~#

opnw · October 14, 2025, 10:32pm

opnw · October 14, 2025, 10:34pm

opnw · October 14, 2025, 10:37pm

psherman · October 14, 2025, 10:43pm

What port on the C6v3 is used to connect to the EdgeSwitch?

Delete this:

Create bridge VLANs... I'm going to assume that port lan1 is used for the uplink and that it connects to port 8 on the EdgeSwitch.

config bridge-vlan
	option device 'br-lan'
	option vlan '1'
	list ports 'lan1:u*'
	list ports 'lan2:u*'

config bridge-vlan
	option device 'br-lan'
	option vlan '2'
	list ports 'lan1:t'
	list ports 'lan3:u*'

config bridge-vlan
	option device 'br-lan'
	option vlan '3'
	list ports 'lan1:t'
	list ports 'lan4:u*'

The above will setup such that you have the uplink on port 1, VLAN 1 on port 2, VLAN 2 on port 3, and VLAN 3 on port 4 (this is so that you can test the trunk functionality).

Now, you also need to edit the lan to use br-lan.1:

config interface 'lan'
	option device 'br-lan.1'
	option proto 'dhcp'

And the VLAN2 (and VLAN3) interfaces will use br-lan.x accordingly, but they will be unmanaged:

config interface 'VLAN2'
	option proto 'none'
	option device 'br-lan.2'

config interface 'VLAN3'
	option proto 'none'
	option device 'br-lan.3'

opnw · October 14, 2025, 10:49pm

Yes, port 8 trunk on EdgeSwitch, to lan1 port OpenWrt. Do we need edit the configs in OpenWrt, could GUI not handle this automatically? I will try. Thank you!

psherman · October 14, 2025, 10:50pm

You can use LuCI (web interface) for these things, but it's a bit tricky because you can have issues with respect to the sequencing of the changes and automatic rollbacks. I prefer directly editing the config files. But either way works.

opnw · October 14, 2025, 11:20pm

Wow! WLAN 3 works now! But WLAN 2 not yet, I probably have an error in the configuration file, I'll check it later. Here the current setup:

Thank you!

root@ArcherC6v3:~# cat /etc/config/network

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd51:4c50:4c4::/48'
	option packet_steering '1'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'lan1'
	list ports 'lan2'
	list ports 'lan3'
	list ports 'lan4'

config interface 'lan'
	option device 'br-lan'
	option proto 'dhcp'

config bridge-vlan
	option device 'br-lan'
	option vlan '1'
	list ports 'lan1:u*'
	list ports 'lan2:u*'

config bridge-vlan
	option device 'br-lan'
	option vlan '2'
	list ports 'lan1:t'
	list ports 'lan3:u*'

config bridge-vlan
	option device 'br-lan'
	option vlan '3'
	list ports 'lan1:t'
	list ports 'lan4:u*'

config interface 'lan'
	option device 'br-lan.1'
	option proto 'dhcp'

config interface 'VLAN2'
	option proto 'none'
	option device 'br-lan.2'

config interface 'VLAN3'
	option proto 'none'
	option device 'br-lan.3'

psherman · October 14, 2025, 11:24pm

Delete this (you have other lan interface in the file):

Everything else looks fine.

WLAN 2, I assume, is VLAN 2?

Try connecting via ethernet to port lan3 -- if that works, the problem is on the OpenWrt side (likely an error in the wireless file). If it doesn't work, that suggests a problem upstream (switch and/or router).

opnw · October 14, 2025, 11:26pm

Yes, WLAN 2 is VLAN 2, and WLAN 3 = VLAN 3. Thank you very much! I will go on tomorrow, good night.

opnw · October 15, 2025, 8:32am

Thank you, it works like a charm. Also testing lan ports 3 + 4 by wire working fine with VLAN 2 + 3. Here the working setup:

root@ArcherC6v3:/etc/config# cat network 

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd51:4c50:4c4::/48'
	option packet_steering '1'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'lan1'
	list ports 'lan2'
	list ports 'lan3'
	list ports 'lan4'

config bridge-vlan
	option device 'br-lan'
	option vlan '1'
	list ports 'lan1:u*'
	list ports 'lan2:u*'

config bridge-vlan
	option device 'br-lan'
	option vlan '2'
	list ports 'lan1:t'
	list ports 'lan3:u*'

config bridge-vlan
	option device 'br-lan'
	option vlan '3'
	list ports 'lan1:t'
	list ports 'lan4:u*'

config interface 'lan'
	option device 'br-lan.1'
	option proto 'dhcp'

config interface 'VLAN2'
	option proto 'none'
	option device 'br-lan.2'

config interface 'VLAN3'
	option proto 'none'
	option device 'br-lan.3'

system · October 25, 2025, 8:32am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.